On Fri, Mar 14, 2008 at 3:44 PM, Johannes Nohl <[EMAIL PROTECTED]> wrote:
> Dear list, > > I'm trying to configure Exim version 4.69 on OpenSuse 10.3 to > authenticate against cyrus SASL2. SASL works well. > > # testsaslauthd -u user -p password -f /var/run/sasl2/mux > > returns: 0: OK "Success." > > According to http://wiki.exim.org/AuthenticatedSmtpUsingSaslauthd I > added to exim.conf: > > # ACL > > accept authenticated = * > control = submission > > > # AUTHENTICATION CONFIGURATION > > plain: > driver = plaintext > public_name = PLAIN > server_set_id = $2 > server_condition = ${if saslauthd{{$2}{$3}}{1}{0}} > server_advertise_condition = true You're missing "server_prompts = :" in that authenticator login: > driver = plaintext > public_name = LOGIN > server_prompts = "Username:: : Password::" > server_condition = ${if saslauthd{{$1}{$2}}{1}{0}} > server_set_id = $1 > server_advertise_condition = true > This one looks fine. I don't know how to ask exim what's the path of the compiled in sasl > socket. But looking inside the exim binary I found /var/run/sasl2/mux. > That makes me thinking that sasl support and the right socket is > compiled in. Should be then! The problem could be that the exim_user cannot read from the socket. Please check that too. The last time I dealt with such a situation what I did was to make the socket readable by exim_user. The following entries were in my /etc/rc.conf to start the saslauthd: # We use SASLAUTHD for ASMTP saslauthd_enable="YES" # Enable saslauthd saslauthd_flags="-a pam" # Flags to saslauthd program #saslauthd_flags="-a rimap -O localhost" # if you want to auth against IMAP server saslauthd_runpath="/var/run/saslauthd" # Working directory saslauthd_program="/usr/local/sbin/saslauthd" # Location of saslauthd (That is on FreeBSD. I don't know much on Linux, so YMMV). Using the user and password of testsaslauthd above I can't send mails. > Thunderbird asks for user and pass but giving the right values sending > fails. The logs say: > > # tail /var/log/exim/reject.log: > 2008-03-14 13:30:32 plain authenticator failed for ([192.168.xx.xx]) > [91.xx.xx.xx]: 535 Incorrect authentication data > > No entry in panic.log. > > # tail /var/log/exim/mail.log: > 2008-03-14 13:46:14 no host name found for IP address 91.xx.xx.x > 2008-03-14 13:46:17 plain authenticator failed for ([192.168.xx.xx]) > [91.xx.xx.xx]: 535 Incorrect authentication data > > I don't know where to look now. Is the server_condition right? exim > doc in packages recommends Yes, server_condition are right in the above authenticators. Is the saslauthd running and can exim_user read from the socket? That could be where your solution lies. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ "Oh My God! They killed init! You Bastards!" --from a /. post -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
